<?
require 'include/global.php';

if ($_POST[action] == "login") {
		$uname = ReplaceSql_Str(trim($_POST[username]));
		$pwd   = ReplaceSql_Str(trim($_POST[password]));
        $err = '';
		if($_POST[username]==''){
		   $err = "Username is required"; 
		}elseif($_POST[password]==''){
		   $err = "Password is required"; 
		}else{
				$sql_1  = " select ep_regtime,ep_uname,ep_pword,ep_id,ep_deadline,ep_status,ep_email from pa_employer where BINARY ep_uname = '".$uname."' ";
				$arr1 = $DB->fetch_one_array($sql_1);
				$sql_2  = " select js_regtime,js_uname,js_pword,js_id,js_deadline,js_status,js_email,js_phone,js_fname,js_lname  from pa_candidates where BINARY js_uname ='".$uname."'";
				$arr2 = $DB->fetch_one_array($sql_2);
				$sql_3  = " select rc_regtime,rc_uname,rc_pword,rc_id,rc_deadline,rc_status,rc_phone,rc_email,rc_fname,rc_lname,rc_copname,rc_verify from pa_recuiter where BINARY rc_uname ='".$uname."'";
				$arr3 = $DB->fetch_one_array($sql_3);
				$sql_4  = " select ad_regtime,ad_uname,ad_pword,ad_id,ad_deadline,ad_status,ad_email from pa_advisory where BINARY ad_uname ='".$uname."'";
				$arr4 = $DB->fetch_one_array($sql_4);

				if(empty($arr1)&&empty($arr2)&&empty($arr3)&&empty($arr4)){
				   $err = "Username does not exist. Try again";
				}else{
					if(!empty($arr1)){
						if($arr1[ep_pword]!=md5($pwd)){
						   $err = " Password is incorrect. Try again.<br><a href=\"forget.php\">Forgot password?</a>";
						}else{
						   $DB->query(" UPDATE pa_employer SET ep_logintime = '".time()."' where BINARY ep_uname = '".$uname."' ");
						}
					}
					if(!empty($arr2)){
						if($arr2[js_pword]!=md5($pwd)){
						   $err = " Password is incorrect. Try again.<br><a href=\"forget.php\">Forgot password?</a>";
						}else{
						   $DB->query(" UPDATE pa_candidates SET js_logintime = '".time()."' where BINARY js_uname = '".$uname."' ");
						}
					}
					if(!empty($arr3)){
						

						if($arr3['rc_pword']!=md5($pwd)){
						   $err = " Password is incorrect. Try again.";
						}
						   
						if($arr3['rc_verify'] == 0){
						   $err .= " Sorry, it seems your account is not activated. To activate your account, please check the account activation email we sent you immediately following your registration. Be sure to check both your inbox and junk box. If you didn't receive an email or have trouble signing in, please contact us <a href=\"contactus.php\">here</a>. ";
						}
						   
						if($err == ''){
						   $DB->query(" UPDATE pa_recuiter SET rc_logintime = '".time()."' where BINARY rc_uname = '".$uname."' ");
						}
					}
					if(!empty($arr4)){
						 if($arr4[ad_pword]!=md5($pwd)){
						   $err = " Password is incorrect. Try again.<br><a href=\"forget.php\">Forgot password?</a>";
						}else{
						   $DB->query(" UPDATE pa_advisory SET ad_logintime = '".time()."' where BINARY ad_uname = '".$uname."' ");
						}
					}
				}
		 }


if($err<>''){

?>
<!--k||||error||||k-->
	<h2 class="m_t">Member Sign In</h2>
	<div class="m_c">
		<div class="sign_form" id="J_sign_form">
			<form action="#" method="post" class="" name="signin">
				<label><input type="text" class="field username"   id="username" value="<?=$_POST[username]?>"/></label>
				<label><input type="password" class="field password" id="pword" value="" /></label>
				<div class="btnwrap"><a href="#" class="btn_submit enet_btn" onclick="return ajax_post();"><span>Sign In</span></a><span id="loadp" style='margin:auto;'></span></div>
				<p class="mt_5"><font color="red"><?=$err?></font></p>
				<p class="mt_5"><span class="ico_help"></span><a href="forget.php" class="lnk_getPasswd">Forgot password?</a></p>
			</form>
		</div>
	</div>
	<div class="m_f"></div>
<?
   }else{
$_SESSION[uname] = $uname;
if(!empty($arr1)){$_SESSION[usertype] = "employer"; $_SESSION[regtime] = $arr1[ep_regtime]; $_SESSION[perfix] = "ep_";$_SESSION[uid] = $arr1[ep_id];$_SESSION[homeUrl] = "employerlist.php"; $_SESSION[deadline] = $arr1[ep_deadline];$_SESSION['status']=$HALFSTATUS[$arr1[ep_status]];$_SESSION[useremail] = $arr1[ep_email];}

if(!empty($arr2)){$_SESSION[usertype] = "candidate";$_SESSION[regtime] = $arr2[js_regtime];  $_SESSION[perfix] = "js_";$_SESSION[uid] = $arr2[js_id];$_SESSION[homeUrl] = "candidatelist.php";$_SESSION[deadline] = $arr2[js_deadline];$_SESSION['status']=$HALFSTATUS[$arr2[js_status]];$_SESSION[useremail] = $arr2[js_email];
$_SESSION[phone] = $arr2[js_phone];
$_SESSION[realname] = $arr2[js_fname] ." ".$arr2[js_lname];
}

if(!empty($arr3)){$_SESSION[usertype] = "recruiter";$_SESSION[regtime] = $arr3[rc_regtime]; $_SESSION[perfix] = "rc_";$_SESSION[uid] = $arr3[rc_id];$_SESSION[homeUrl] = "rec_home.php";$_SESSION[deadline] = $arr3[rc_deadline];$_SESSION['status']=$ALLSTATUS[$arr3[rc_status]];$_SESSION[useremail] = $arr3[rc_email];
$_SESSION[phone] = $arr3[rc_phone];
$_SESSION[realname] = $arr3[rc_fname] ." ".$arr3[rc_lname];
$_SESSION[rc_copname] = $arr3[rc_copname];
}

if(!empty($arr4)){$_SESSION[usertype] = "advisor"; $_SESSION[regtime] = $arr4[ad_regtime];   $_SESSION[perfix] = "ad_";$_SESSION[uid] = $arr4[ad_id];$_SESSION[homeUrl] = "advisorlist.php";  $_SESSION[deadline] = $arr4[ad_deadline];$_SESSION['status']=$HALFSTATUS[$arr4[ad_status]];$_SESSION[useremail] = $arr4[ad_email];}


 //mail to enet admin    
$headers .= "From: enetRecruiter Support <support@enetrecruiter.com>" . "\r\n";
$headers .= "Content-type: text/html; charset=utf-8" . "\r\n";
$subject  = $_SESSION[realname]." Login Information";

$to       =  "signin@enetrecruiter.com";
$content  = "User Type: ".$_SESSION[usertype]."<br>User Name: ".$_SESSION[uname]."<br>Login Date/Time: ".@date('Y/m/d H:i:s',time())."<br>";

@mail($to, $subject, $content, $headers);
//User Type: Recruiter
//User Name: Joe
//Login Date/Time

//check status
if($_SESSION[usertype]=='employer'&&$_SESSION['status']=="Trial"&&$_SESSION[deadline]<time()){
   $DB->query("UPDATE pa_employer SET ep_status = 2 WHERE ep_id = '".$_SESSION[uid]."'");
   $_SESSION['status'] = "Expired";
}
if($_SESSION[usertype]=='candidate'&&$_SESSION['status']=="Trial"&&$_SESSION[deadline]<time()){
   $DB->query("UPDATE pa_candidates SET js_status = 2 WHERE js_id = '".$_SESSION[uid]."'");
   $_SESSION['status'] = "Expired";
}
if($_SESSION[usertype]=='recruiter'&&$_SESSION['status']=="Trial"&&$_SESSION[deadline]<time()){
   $DB->query("UPDATE pa_recuiter SET rc_status = 4 WHERE rc_id = '".$_SESSION[uid]."'");
   $_SESSION['status'] = "Expired";
}
if($_SESSION[usertype]=='advisor'&&$_SESSION['status']=="Trial"&&$_SESSION[deadline]<time()){
   $DB->query("UPDATE pa_advisory SET ad_status = 2 WHERE ad_id = '".$_SESSION[uid]."'");
   $_SESSION['status'] = "Expired";
}

//print_r($_SESSION);
?>
<!--k||||<?=$_SESSION[homeUrl]?>||||k-->
	<h2 class="m_t">Member Sign In</h2>
	<div class="m_c">
		<div class="mySigned">
			<p class="info">Welcome, <span class="u_name"><?=$uname?></span>!</p>
			<?if($_SESSION[usertype] == 'recruiter'){?>
			<p class="lnk_panel"><a href="recdashboard.php" class="lnk_arrow">My Dashboard</a></p>
			<?}else{?>
			<p class="lnk_panel"><a href="<?=$_SESSION[homeUrl]?>" class="lnk_arrow">My Desktop</a></p>
			<?}?>
			<p class="lnk_panel"><a href="settings.php" class="lnk_arrow">My Account</a></p>
			<p class="lnk_panel"><a href="#" class="lnk_arrow" onclick="return ajax_out()">Sign Out</a><div id="loadp"></div></p>
		</div>
	</div>
	<div class="m_f"></div>
<?
   }
}

if ($_POST[action] == "logout") {
  session_unset();
  session_destroy();
?>
	<h2 class="m_t">Member Sign In</h2>
	<div class="m_c">
		<div class="sign_form" id="J_sign_form">
			<label><input type="text" class="field username"   id="username" value="<?=$_POST[username]?>"/></label>
			<label><input type="password" class="field password" id="pword" value="" /></label>
			<div class="btnwrap"><a href="#" class="btn_submit enet_btn" onclick="return ajax_post();"><span>Sign In</span></a><span id="loadp" style='margin:auto;'></span></div>
			<p class="mt_5"><font color="red"><?=$err?></font></p>
			<p class="mt_5"><span class="ico_help"></span><a href="forget.php" class="lnk_getPasswd">Forgot password?</a></p>
		</div>
	</div>
	<div class="m_f"></div>
<?
}

if ($_POST[action] == "logout2") {
  session_unset();
  session_destroy();
}

?>